Acta Metallurgica Sinica(English letters) ›› 2007, Vol. 14 ›› Issue (4): 77-81.doi: 1005-8885 (2007) 04-0077-05

• Wireless • Previous Articles     Next Articles

Information security assurance lifecycle research

XIE Cheng-shan; XUJIA Gu-yue; WANG Li   

  1. School of Economy and Management, Beihang University
  • Received:2007-01-18 Revised:1900-01-01 Online:2007-12-24
  • Contact: XIE Cheng-shan

Abstract:

This article proposes that problems of information security are mainly caused by the ineffective integration of people, operation, and technology, and not merely by the poor use of technology. Based on the information lifecycle, a model of the information security assurance lifecycle is presented. The crucial parts of the model are further discussed, with the information risk value and protect level, and the solution in each step of the lifecycle is presented with an ensured information risk level, in term of the integration of people, operation, and technology.

Key words:

information security; information risk; information lifecycle